const { whiteList } = require('../../config/default.js')

module.exports = (options, app) => {
  return async (ctx, next) => {
    // 是否是超级管理员
    if (ctx.authAdmin.type === 2) {
      await next()
    } else {
      const reqPath = `${ctx.request.method}$${ctx.request.path}`
      // 是否在白名单
      if (whiteList.includes(reqPath)) {
        await next()
      } else {
        // 获取用户对应的权限接口
        const perms = await ctx.service.permissions.getPermissionsAPI(ctx.authAdmin.id)
        if (perms.includes(reqPath)) {
          await next()
        } else {
          ctx.throw(400, '您没有权限访问该接口！')
        }
      }
    }
  }
}
